Discussions

News: Article: Java and .NET, Cryptographic Security Comparison

Bookmark and Share Get thread feed

  1. Article: Java and .NET, Cryptographic Security Comparison (2 messages)

    • Posted by: Dion Almaer
    • Posted on: December 30 2003 09:49 EST
    Denis Piliptchouk has written an article which compares the security features of Java 1.4, and .NET 1.1. This second article in the series delves into the issues of cryptography support and the mechanisms of communication protection on those platforms.

    Article Conclusions

    "In this article, cryptography and communication protection on Java and .NET platforms were reviewed. Both platforms come out pretty even in terms of cryptographic features, although Java has a more complicated solution due to the obsolete US export restrictions. The picture becomes muddier when it comes to communication protection -- while Java fares much better by providing a choice of both platform and application-level solutions, it clearly lags behind .NET when it comes to support for web services security. Here, Java developers would have to turn to independent vendors for the desired features."

    Read Java vs. .NET Security, Part 2

    Also, read Part 1, which looks at configuration, code verification, and memory isolation.
    Reply to this

    Threaded Messages (2)

  2. Article: Java and .NET, Cryptographic Security Comparison[ Go to top ]

    "The picture becomes muddier when it comes to communication protection -- while Java fares much better by providing a choice of both platform and application-level solutions, it clearly lags behind .NET when it comes to support for web services security. Here, Java developers would have to turn to independent vendors for the desired features."

    Ah? I thought the whole point of WebServices was to get .NET to talk to the rest of the world since they don't support anything else. If the MS programmers manage to encrypt their message beyond the "supported" capabilities of the rest of the world how is anyone going to be able to communicate?

    Anyway, enough bitching, I thought it was a pretty good and even article, it's good to see a reasonably well informed article about both sides.

    -John-
    Reply to this Reply to original

  3. Article: Java and .NET, Cryptographic Security Comparison[ Go to top ]

    "Although not a standard part of Java platform, IBM's Emerging Technologies Toolkit v1.2 (ETTK), formerly known as Web Services Development Kit, or WSTK, adds support for the current draft of WS-Security and some other specifications from the WSA family, of which IBM is a co-author."

    IBM has production support for WS-Security since Websphere Application Server 5.0.2 (released after spring 2003).
    For testing it, take a look of WebSphere SDK for Web Services (WSDK):
    http://www-106.ibm.com/developerworks/webservices/wsdk/

    Ciao and happy new year, Diego
    Reply to this Reply to original